Lucene search
HistoryAug 24, 2011 - 10:55 a.m.
CVE-2010-4825
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.004
Percentile
73.8%
Cross-site scripting (XSS) vulnerability in magpie_debug.php in the Twitter Feed plugin (wp-twitter-feed) 0.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Affected configurations
Node
pleerwp-twitter-feedMatch0.3.1
wordpresswordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| pleer | wp-twitter-feed | 0.3.1 | cpe:2.3:a:pleer:wp-twitter-feed:0.3.1:*:*:*:*:*:*:* |
| wordpress | wordpress | * | cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2010-4825
2011-08-24 10:00:00
cve
cve
CVE-2010-4825
2011-08-24 10:55:05
patchstack
patchstack
WordPress Twitter Feed Plugin <= 0.3.1 - XSS
2011-08-23 00:00:00
openvas
openvas
nessus
nessus
Twitter Feed for WordPress Plugin 'url' Parameter XSS
2010-12-09 00:00:00
wpvulndb
wpvulndb
Twitter Feed <= 0.3.1 - XSS
2010-12-07 00:00:00
prion
prion
Cross site scripting
2011-08-24 10:55:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.004
Percentile
73.8%
Related for NVD:CVE-2010-4825